author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-12-12 21:59:42 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-12-12 21:59:42 +0100 |
commit | 87104ce5100f905dab3ce056f05847fad5dde393 (patch) | |
tree | 13ed0038cd67a4f4cb1c61fa81dca4f019d74eb6 | |
parent | 815241fa09615efbd1fa2b66d5a9bfb7c4e76298 (diff) | |
parent | 9378a6b4111f5ae600aa04f6a6d273b07c53c78a (diff) | |
Merge pull request #17784 from nextcloud/enh/disable-clear-site-data-via-config
Disable Clear-Site-Data for Chrom* (and Opera, Brave, etc)
-rw-r--r-- | core/Controller/LoginController.php | 8 | ||||
-rw-r--r-- | tests/Core/Controller/LoginControllerTest.php | 28 |
2 files changed, 34 insertions, 2 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 06d0f2464f5..13aef8f67ab 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -31,9 +31,9 @@
 namespace OC\Core\Controller;
+use OC\AppFramework\Http\Request;
 use OC\Authentication\Login\Chain;
 use OC\Authentication\Login\LoginData;
-use OC\Authentication\TwoFactorAuth\Manager;
 use OC\Security\Bruteforce\Throttler;
 use OC\User\Session;
 use OC_App;
@@ -126,7 +126,11 @@ class LoginController extends Controller {
 $this->session->set('clearingExecutionContexts', '1');
 $this->session->close();
- $response->addHeader('Clear-Site-Data', '"cache", "storage"');
+
+ if (!$this->request->isUserAgent([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME])) {
+ $response->addHeader('Clear-Site-Data', '"cache", "storage"');
+ }
+
 return $response;
 }
diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php
index b4f3663c0ba..6a6795a8e82 100644
--- a/tests/Core/Controller/LoginControllerTest.php
+++ b/tests/Core/Controller/LoginControllerTest.php
@@ -128,6 +128,10 @@ class LoginControllerTest extends TestCase {
 ->method('getCookie')
 ->with('nc_token')
 ->willReturn(null);
+ $this->request
+ ->expects($this->once())
+ ->method('isUserAgent')
+ ->willReturn(false);
 $this->config
 ->expects($this->never())
 ->method('deleteUserValue');
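Review bot: In the `logout()` hunk of core/Controller/LoginController.php, the new `isUserAgent` guard drops `Clear-Site-Data` for Chrome user agents without any comment saying why or what the consequence is. On those browsers the server no longer asks for the origin's cache and web storage to be cleared at logout, which matters on shared machines. A comment above the `if`, such as `// Skipped for Chrome-based browsers (see <issue reference>): cache and storage are NOT cleared on logout there`, would keep that trade-off visible. `clearingExecutionContexts` is still set to `'1'` unconditionally just above the guard, so whatever reads that flag (outside this hunk) cannot tell whether the header was actually sent; that is worth confirming. The method begins before the hunk.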
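Review bot: In tests/Core/Controller/LoginControllerTest.php, the added `isUserAgent` expectation has no `->with(...)`, so the test passes whatever list of user agents `logout()` checks; the same holds for the two `isUserAgent` mocks in the following hunk (`testLogoutNoClearSiteData` and `testLogoutWithToken`). Pinning the argument, e.g. `->with([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME])`, would turn a change to the exempted browsers into a test failure; the test file would need `Request` imported if it is not already. Because the return value is stubbed, none of these tests exercises the real user-agent patterns, so the Opera and Brave coverage named in the commit title is presumably verified elsewhere, if at all. The test method starts above the hunk.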
@@ -142,12 +146,36 @@ class LoginControllerTest extends TestCase {
 $this->assertEquals($expected, $this->loginController->logout());
 }
+ public function testLogoutNoClearSiteData() {
+ $this->request
+ ->expects($this->once())
+ ->method('getCookie')
+ ->with('nc_token')
+ ->willReturn(null);
+ $this->request
+ ->expects($this->once())
+ ->method('isUserAgent')
+ ->willReturn(true);
+ $this->urlGenerator
+ ->expects($this->once())
+ ->method('linkToRouteAbsolute')
+ ->with('core.login.showLoginForm')
+ ->willReturn('/login');
+
+ $expected = new RedirectResponse('/login');
+ $this->assertEquals($expected, $this->loginController->logout());
+ }
+
 public function testLogoutWithToken() {
 $this->request
 ->expects($this->once())
 ->method('getCookie')
 ->with('nc_token')
 ->willReturn('MyLoginToken');
+ $this->request
+ ->expects($this->once())
+ ->method('isUserAgent')
+ ->willReturn(false);
 $user = $this->createMock(IUser::class);
 $user
 ->expects($this->once()) |
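Review bot: `testLogoutNoClearSiteData` checks the missing header only indirectly, through `assertEquals` against a fresh `RedirectResponse('/login')`. Capturing the result and adding `$this->assertArrayNotHasKey('Clear-Site-Data', $response->getHeaders());` would state the security-relevant expectation directly instead of relying on object equality. A one-line docblock saying the test covers the Chrome user-agent branch of `logout()`, where cache and storage are deliberately left uncleared, would also help the next reader.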